sbuild
Build Debian packages in a clean environment
TLDR
Build the package in the current directory
Build the given package
Build for a certain distribution
Build using custom dependencies (if a directory is passed, all files ending with .deb are used)
Run a shell in case of build failure to further investigate
Cross build for a certain architecture
Build for the given native architecture
SYNOPSIS
sbuild [OPTIONS] <source-package | .dsc file | .changes file>
PARAMETERS
-c, --chroot=CHROOT
Specify the schroot chroot name or path to use for building.
-d, --dist=DISTRIBUTION
Specify the distribution (e.g., 'sid', 'bookworm') to build for.
-A, --arch=ARCHITECTURE
Specify the architecture (e.g., 'amd64', 'arm64') for the build.
-h, --host=HOST_ARCHITECTURE
Specify the host architecture for cross-compilation builds.
-s, --source
Only build the source package (.dsc, .orig.tar.{gz|xz|bz2}, .debian.tar.{gz|xz|bz2}).
-b, --build
Only build the binary packages (.deb files).
--clean-chroot
Clean the chroot (e.g., revert to snapshot) after the build (default).
--no-clean-chroot
Do not clean the chroot after the build, useful for debugging.
--run-command=COMMAND
Run an arbitrary command inside the chroot before the build.
--extra-dep=PACKAGE
Add an extra build dependency to be installed in the chroot before building.
--force-orig-source
Force the use of the original tarball even if a newer version is present.
--no-run-lintian
Do not run lintian on the built packages.
-v, --verbose
Enable verbose output during the build process.
-D, --debug
Enable debug output.
DESCRIPTION
sbuild is a powerful command-line tool used for securely and reproducibly building Debian packages within an isolated environment, typically a chroot or container. It acts as a wrapper around package building utilities like dpkg-buildpackage or debuild, but crucially manages the build environment itself.
By performing builds in a clean, isolated chroot, sbuild ensures that all declared build dependencies are met and that no extraneous files from the host system interfere with the build. This practice is vital for achieving reproducible builds, enhancing security, and verifying that packages only rely on their specified dependencies. It commonly integrates with schroot to manage the chroot environments, providing a robust framework for official Debian package builds and local development.
CAVEATS
Using sbuild requires pre-configured schroot environments (chroots). Setting up these chroots, including user mapping and package repositories, can be non-trivial and often involves tools like debootstrap and careful schroot configuration. Network access within the chroot is typically required for fetching build dependencies. Proper user permissions and groups must be set up for sbuild to function correctly.
CONFIGURATION FILES
sbuild can be configured globally via /etc/sbuild/sbuild.conf and on a per-user basis using ~/.sbuildrc. These files allow customization of default chroots, build options, and other behaviors.
CHROOT SETUP
While sbuild orchestrates the build, the underlying chroot environments must be prepared separately. This typically involves using debootstrap to create a minimal Debian system and then configuring it as an schroot session.
HISTORY
sbuild originated within the Debian project to provide a robust and secure method for building official Debian packages. It was developed to overcome the limitations of building directly on a host system, which could lead to non-reproducible builds due to varied environments. Its reliance on schroot for managing isolated build environments has been a cornerstone of its design, enabling consistent and clean build processes critical for the Debian archive. It has evolved significantly over time, adapting to new build requirements and chroot management practices.
SEE ALSO
dpkg-buildpackage(1), debuild(1), schroot(1), debootstrap(8), pbuilder(1)